Zobrazeno 1 - 10
of 41
pro vyhledávání: '"Tuma, Katja"'
Autor:
Mbaka, Winnie Bahati, Tuma, Katja
The arrival of recent cybersecurity standards has raised the bar for security assessments in organizations, but existing techniques don't always scale well. Threat analysis and risk assessment are used to identify security threats for new or refactor
Externí odkaz:
http://arxiv.org/abs/2408.07537
AI-based systems leverage recent advances in the field of AI/ML by combining traditional software systems with AI components. Applications are increasingly being developed in this way. Software engineers can usually rely on a plethora of supporting i
Externí odkaz:
http://arxiv.org/abs/2407.18584
The use of AI technologies is percolating into the secure development of software-based systems, with an increasing trend of composing AI-based subsystems (with uncertain levels of performance) into automated pipelines. This presents a fundamental re
Externí odkaz:
http://arxiv.org/abs/2407.14540
The underrepresentation of women in Computer Science and Engineering is a pervasive issue, impacting the enrolment and graduation rates of female students as well as the presence of women in leadership positions in academia and industry. The European
Externí odkaz:
http://arxiv.org/abs/2407.02305
Analyzing and Mitigating (with LLMs) the Security Misconfigurations of Helm Charts from Artifact Hub
Background: Helm is a package manager that allows defining, installing, and upgrading applications with Kubernetes (K8s), a popular container orchestration platform. A Helm chart is a collection of files describing all dependencies, resources, and pa
Externí odkaz:
http://arxiv.org/abs/2403.09537
Autor:
Mbaka, Winnie, Tuma, Katja
Security decisions are made by human analysts under uncertain conditions which leaves room for bias judgement. However, little is known about how demographics like gender and education impact these judgments. We conducted an empirical study to invest
Externí odkaz:
http://arxiv.org/abs/2310.04097
Autor:
Tuma, Katja, Van Der Lee, Romy
Cybersecurity threat and risk analysis (RA) approaches are used to identify and mitigate security risks early-on in the software development life-cycle. Existing approaches automate only parts of the analysis procedure, leaving key decisions in ident
Externí odkaz:
http://arxiv.org/abs/2208.01895
Autor:
Mbaka, Winnie, Tuma, Katja
To avoid costly security patching after software deployment, security-by-design techniques (e.g., STRIDE threat analysis) are adopted in organizations to root out security issues before the system is ever implemented. Despite the global gap in cybers
Externí odkaz:
http://arxiv.org/abs/2208.01524
Autor:
Tuma, Katja, Mbaka, Winnie
Background: Organizations are experiencing an increasing demand for security-by-design activities (e.g., STRIDE analyses) which require a high manual effort. This situation is worsened by the current lack of diverse (and sufficient) security workforc
Externí odkaz:
http://arxiv.org/abs/2208.01512
Securing cloud configurations is an elusive task, which is left up to system administrators who have to base their decisions on ``trial and error'' experimentations or by observing good practices (e.g., CIS Benchmarks). We propose a knowledge, AND/OR
Externí odkaz:
http://arxiv.org/abs/2205.14498